Review of Kali Linux – The Successor of backtrack

Kali Linux is a penetration testing and security auditing Linux distribution. After its release in March
2013, Kali Linux has quickly become the new favorite among PenTesters worldwide as their choice
for the PenTesting OS. Replacing its predecessor Backtrack, Kali incorporated several new
features and looks quite promising.It is available for i386 and amd64 architectures and has the
same Minimum Hardware Requirements as Backtrack: 1 GHz CPU, 8 GB of Hard Disk Space, 300
MB RAM, And DVD-writer/Ability to boot with a Pen drive.

A Little History

To be very concise, Kali is an offshoot of Backtrack, which is an Offshoot of ‘Whax’, which is itself
an Offshoot of ‘Whoppix’, which is derived from ‘Knoppix’. Something common among all of these
distros is that they were focused on Digital Forensics and Intrusion Detection, with Backtrack and
Kali adding a whole lot of Tools for PenTesting purposes. Backtrack has been “giving machine
guns to monkeys since 2007”, so it has had a long reign as the favorite distro of PenTesters
worldwide. ‘Offensive-Security’, the creators of Backtrack, decided to incorporate many changes in
new Backtrack 6 (as it was called at that time). Since it was built from scratch, it was significantly
different from the older versions of Backtrack and Offensive-Security decided to give a new name
to the Distro – ‘Kali Linux’.

What was wrong with Backtrack and why it needed a change?

We all love Backtrack but bottom-line is that there are a lot of problems associated with this distro.
The most annoying problem is ‘updating’. There was always a fear of ‘breaking’ something if you
updated it. There were too many tools and some of them weren’t updated as frequently as the
others. So updating the ‘dependencies’ of some would cause others to crash and we struggled to
maintain a balance where all these tools and their dependencies would co-exist without getting in
each other’s way.
When we wanted to use a tool, we needed to type the absolute path in shell.
For example, /pentest/passwords/john/john “file_name”
Remembering the locations of the tools was a pain and it just made things complicated.
In addition, Backtrack had a lot of ‘puny’ errors which crept up here and there while we were
working, small issues that we had to resolve on our own or run to Backtrack forums and get help
from other Pentesters there.
For example, the ‘wicd d-bus error’ that was ready to greet us when we installed a fresh copy of
BT5 and tried to connect to a network. Backtrack forums (and other websites) are filled with ‘how-to
posts’ that attempt to provide solution to such problems. Eventually we learned to get around these
issues but it did waste a lot of our time.

What makes Kali different from Backtrack 5?

This is the most asked question about Kali today. Offensive Security has tried to answer it on their
website “Unfortunately for us, that’s not a simple question to answer. It’s a mix between ‘everything’
and ‘not much’, depending on how you used Backtrack.”

Switch From Ubuntu to Debian

Kali Linux is based on Debian (Debian Wheezy). This turned out to be a great move by Offensive-
Security. The New Kali is much more comfortable to use than its predecessor.

File Hierarchy Standard Compliance

In the words of ‘MUTS’ from Offensive Security, “What this means is that instead of having to
navigate through the /pentest tree, you will be able to call any tool from anywhere on the system as
every application is included in the system path.” This is again a very welcome change in Kali.

Customizations of Kali ISOs

If need be, we can now build our own customizations of Kali Linux. These ISOs can be
bootstrapped directly from the repositories maintained by Offensive Security.

ARM Devices Support

Easier Updating and Upgrading

Packages on Kali can be updated with ease without worrying about ‘breaking’ something. This is
because the packages in the Kali repositories are ‘Debian Compliant’. The Kali Distribution itself
can be upgraded to newer version without the need for re-installing the distro.

300+ PenTesting Tools

This is quite a large collection and chances are that we won’t be needing all of them and we might
be needing some that are not included by default. However packages can always be grabbed from
the repositories at will, so that’s never a problem.

What is this ‘Forensics Mode’?

While booting up Kali Linux, an option exists for ‘Live Forensic Mode’ (Figure 2). This is quite a
useful feature if we want to do some real world forensic work. When into Forensics Mode, the
internal Hard Disk is not touched in any manner. The People at Offensive Security Performed a
Hash Comparison test where Hashes were taken of the Hard Drive before and after using Kali in
forensics mode. At the end of the test, the hashes matched suggesting that no changes were
made during the operation. Also worth noticing is that the Auto mount of Removable Media is
disabled while in Forensics mode.

Metasploit Framework in Kali

The discussion on Kali (or Backtrack for that matter) would be incomplete without a mention of how
well the Metasploit Framework is integrated with this distro. While ‘msfconsole’ brings it up,
‘msfupdate’ can update the metaspoit framework. Like in Backtrack, POSTGRESQL is used to
store the database.
The guys from offensive security and rapid7 (people behind the metasploit project), co-operated to
pre-load Kali Linux with msfpro (the professional web-service version of metasploit framework).
Metasploit in Kali has full tech support from rapid7.

Tools in Kali Linux

Tools are mostly the same as those found in Backtrack. However, in the Kali Linux menu, 10
Security tools have been highlighted as the Top 10 (Figure 4). Anyone who has worked on BT
would have no trouble guessing which tools would be available on Kali and which need to be
grabbed from the repositories. More than 300 tools come packaged with Kali which are enough to
serve the needs of most PenTests. The Top 10 tools in Kali Linux are mentioned below:
· Aircrack-ng – For wireless Cracking
· Burpsuite – For Web Applications Pentesting
· Hydra – For online Brute-Forcing of Passwords
· John – For offline Password Cracking
· Maltego – For Intelligence Gathering
· Metasploit Framework – For Exploitation
· Nmap – For Network Scanning
· Owasp-zap – For finding vulnerabilities in web applications
· Sqlmap – For exploiting SQL injection Vulnerabilities
· Wireshark – Network Protocol Analyzer

Kali Community Support

Kali Linux has an official IRC Channel on the Freenode network,# kali-linux. It provides a good
platform to interact with other users of Kali and get support.
Kali Linux provides three official repositories:
· http.kali.org: main package repository
· security.kali.org: security packages
· cdimage.kali.org: ISO images

Subtle differences noticed while regular work on Kali

One had to bring up the Graphical Interface manually by typind ‘startx’ in Backtrack. However Kali
loads up the Graphical User Interface by default.
Kali Linux environment is much cleaner and appears more stable than Backtrack 5
The Nessus Vulnerability scanner is not installed in Kali by default (as it was in Backtrack 5). You
would have to install it manually from the debian package.
Kali comes with a Graphical Packages installer which can be used to install new packages with the click of the mouse. It can brought up by typing the command: gpk-application

In Backtrack, several PenTesters faced issues in getting their Bluetooth up and running. The
Backtrack forums are filled with people troubleshooting their Bluetooth devices. In Kali Linux no
such problem was noticed and the Bluetooth works fine.
Firefox is replaced by Iceweasal which doesn’t matter much as they are both similar. However the
Iceweasal Browser in Kali doesn’t come pre-loaded with plug-ins like ‘no-script’ as in Firefox in
Backtrack. Iceweasal comes clean.
Small issues like inability to control your backlight in Backtrack have been fixed in Kali Linux. So you
would have a smoother working environment.

Summary

Kali Linux definitely turned out to be everything that a Penetration Tester would want from a Linux
distro. It does have room for improvements though and the developers are working on it constantly
to make it better. It addresses the problems Backtrack 5 had and it is significantly different from its
predecessor, yet any PenTester who was comfortable using Backtrack 5 would find his way around
in Kali Linux with ease. The default login in Kali Linux is in ‘root’ mode, so it is not the everyday
desktop OS and is not recommended for those new to ‘Linux’. However it fits the Penetration